M&A activity in TMT: AI and cyber security boost M&A performance amid TMT industry uncertainty.

BDO’s exclusive mid-market M&A data shows technology, media and telecoms (TMT) deal activity has been influenced by on-going macroeconomic uncertainties. Inflation, interest rates and the recent collapse of Silicon Valley Bank likely all contributed to dropping TMT M&A activity. However, TMT M&A activity remains robust, outpacing pre-pandemic levels as companies across industries prioritise digital transformation and TMT upgrades to improve operations and bolster long-term growth potential.

Investor deal participation, including private equity (PE) firms, demonstrates confidence in the TMT sectors outlook despite current choppy waters. Simultaneously, new technologies, exemplified by generative AI continue to emerge, attracting the interest of companies and investors alike. Generative systems such as ChatGPT promise ground-breaking applications across industries. One example is cybersecurity, which shows continued strong M&A performance, highlighting the resilience and future potential of the TMT sector.

Uncertainty and slow-down

MergerMarket M&A data exclusive to BDO, shows mid-market M&A activity dropping in the start of 2023 from the highs of 2022. However, it should be noted that M&A activity remains above pre-pandemic levels. TMT recorded 764 deals in the first quarter of 2023, worth a combined US$39 billion.

Private equity firms continue to show a strong appetite for TMT deals. In Q1 2023, PE firms were involved in 61 per cent of total TMT deal volume, representing 48 per cent of overall deal value.

Software deal activity slows

By sector, software showed the most marked slow-down in activity. 2023’s first quarter result of 583 deals were less than the deals in the first quarter of 2022, an almost 60 per cent year-on-year decrease.

Other sub-sectors in TMT showed resilience to M&A downturn with several, including hardware and ecommerce, posting slight quarter-on-quarter growth in activity. The drop in technology M&A was led by software.

Cybersecurity bucks broader tech sector trend

M&A slow down is mirrored by recent layoffs in the technology sphere. More than 300,000 jobs have been lost in the past two years. However, cybersecurity professionals remain in high demand, with comparatively few layoffs in the field.

Research conducted by ISC2 found that while 50 per cent of C-suite executives in various countries anticipate layoffs this year, only 10 per cent expect to cut jobs in cybersecurity. This indicates that business leaders consider cybersecurity a critical and essential function in their organisations. Their view is justified when looking at the average costs of cyberattacks. IBM data shows observation that the average costs of a data breach are US$4.35 million.

Cybersecurity-related M&A activity also remains strong. SecurityWeek analysis found 455 cybersecurity deals announced in 2022, up from 435 in 2021. The US and UK continue to lead deal activity, ahead of Canada, Germany, Israel and Australia. In 2022, transactions totalled over $63 billion in disclosed deal value, with ten companies acquired for more than $1 billion.

Deal activity involved by institutional and strategic investors, as well as industry consolidation. In the latter category, managed security service providers (MSSPs) were particularly active. Many MSSPs are leveraging M&A as a way to integrate new services and acquire market shares in a rapidly evolving market.

Generative AI: new challenges and opportunities in cybersecurity

Cybersecurity's performance is partly driven by companies and organisations facing a developing threat landscape, and the opportunities and risks posed by disruptive technologies, such as generative AI.

This technology can be employed by both attackers and defenders. Attackers can deploy generative AI to increase the speed and variation of threats. However, defences can leverage generative time to enabling offensive security measures like automated penetration testing and security awareness tasks. Integrating generative AI into tools like extended detection and response (XDR) can help analyse data, summarise attack events, and write remediation code for vulnerabilities. The technology's impact on workflow -driven security tools, such as security information and event management (SIEM) and security orchestration, automation, and response (SOAR), may boost security operations centre (SOC) efficiency.

As with cybersecurity in general, it is unlikely that generative AI solutions will be one-size-fits-all for companies and organisations. Its many use cases may create fertile ground for startups building flexible, vertically focused solutions focused on delivering great user experiences around human-AI interactivity. If this is the case, we can expect to see further M&A activity as cybersecurity industry incumbents and ‘big tech’ companies continue to establish their presence in the emerging space.

This article originally appeared in BDO Horizons 2023 - Issue 2

Read the full issue